Malware and Security Plugins

Malware and Security Plugins

Malware Infection

Recently, some websites on the KLOW server reported virus alert messages appearing to website visitors when they visited their website with the Internet Explorer Browser.  This was a result of some malware that was able to infect websites using a Trojan Horse virus, found in a WordPress theme.

The virus has been removed and the code the malware injected into websites has been cleared off of the server.  Not all websites on KLOW were infected, but if you are experiencing any issues with your website or if you get any reports this week of virus alert messages appearing to those visiting your websites, please let the NEKLS Tech Team know via this Email: tech@nekls.org

Actions Taken

In an attempt to protect KLOW websites against future attacks I have installed a few plugins on the websites that were infected and will continue to install them on more KLOW websites in the future.

They are as follows:
1. All In One WP Security – This gives your sites a security score and provides ways to easily improve that score.
2. Wordfence Security – This plugin quickly searches your sites for malicious code and informs you of it.
3. Anti-Malware by ELI – This plugin does a full (long) scan of your website and gives you an option to remove any malicious code if it finds any.  (I recommend running Wordfence to scan the website and then if it finds anything, run this plugin).

A picture of how the plugins appear on the side panel are found below, so if you see these on your website don’t worry.  They are helpful plugins.

securityplugins

What You Can Do

Anyone who reads this may be wondering what actions you can take to ensure your website isn’t infected in the future.  If you are thinking like that – great!  I have a few steps you can take to protect your website.

Step 1.  Remove any unused plugins or themes.  Unused Plugins and Themes can be a perfect exploit used by hackers or viruses to get malicious code onto your website so if you’re not using it, lose it!

Step 2. Update your plugins and themes.  Oftentimes the way viruses get onto your website in the first place is by finding some code in a plugin or theme that isn’t secured properly, and exploiting that problem with the code to give them unauthorized access to the site.  One way to combat this is to update your plugins and themes whenever there are updates available.  Doing this increases the chance that any problems with the code contained on your website will be patched (fixed), and your website will be more secure as a result.

Step 3. Update WordPress.  When there is a new WordPress update available it is best practice to update to the newest version.  These updates often include security updates that make your site harder for viruses and hackers to attack.  If you are worried about updating, check out this website first.  We’ll try to use www.mykansaslibrary.org to post any problems with updates when they are released.  If we don’t post anything then there likely aren’t any known issues we have discovered with using the new version!

Following those steps should help protect your website from the evils of the Internet and provide you with some security on your KLOW website.  If you have any questions or concerns please send us an Email at: tech@nekls.org

Have a great day!